-rw-r--r-- | scripts/vyatta-wanloadbalance.pl | 4 | ||||
-rw-r--r-- | src/lbdata.hh | 3 | ||||
-rw-r--r-- | src/lbdatafactory.cc | 9 | ||||
-rw-r--r-- | src/lbdatafactory.hh | 3 | ||||
-rw-r--r-- | src/lbdecision.cc | 6 | ||||
-rw-r--r-- | templates/load-balancing/wan/flush-connections/node.def | 1 |
6 files changed, 25 insertions, 1 deletions
diff --git a/scripts/vyatta-wanloadbalance.pl b/scripts/vyatta-wanloadbalance.pl index 56d4bc4..c287ddd 100644 --- a/scripts/vyatta-wanloadbalance.pl +++ b/scripts/vyatta-wanloadbalance.pl @@ -29,6 +29,10 @@ sub write_health { print FILE_LCK "disable-source-nat\n"; } + if ($config->exists("load-balancing wan flush-connections")) { + print FILE_LCK "flush-conntrack\n"; + } + $config->setLevel("load-balancing wan interface-health"); my @eths = $config->listNodes(); diff --git a/src/lbdata.hh b/src/lbdata.hh index 25f0f80..03e617f 100644 --- a/src/lbdata.hh +++ b/src/lbdata.hh @@ -116,7 +116,7 @@ class LBData { typedef map<string,LBHealth>::iterator InterfaceHealthIter; typedef map<string,LBHealth>::const_iterator InterfaceHealthConstIter; - LBData() : _disable_source_nat(false) {} + LBData() : _disable_source_nat(false),_flush_conntrack(false) {} bool error() {return false;} @@ -140,6 +140,7 @@ class LBData { InterfaceHealthColl _iface_health_coll; bool _disable_source_nat; + bool _flush_conntrack; }; #endif //__LBDATA_HH__ diff --git a/src/lbdatafactory.cc b/src/lbdatafactory.cc index 87ce746..ebe63d0 100644 --- a/src/lbdatafactory.cc +++ b/src/lbdatafactory.cc @@ -123,6 +123,9 @@ LBDataFactory::process(const vector<string> &path, int depth, const string &key, if (path[0] == "disable-source-nat") { process_disablesourcenat(l_key,l_value); } + else if (path[0] == "flush-conntrack") { + process_flushconntrack(l_key,l_value); + } else if (path[0] == "health") { if (l_key == "interface") { process_health(l_key,l_value); @@ -166,6 +169,12 @@ LBDataFactory::process_disablesourcenat(const string &key, const string &value) } void +LBDataFactory::process_flushconntrack(const string &key, const string &value) +{ + _lb_data._flush_conntrack = true; +} + +void LBDataFactory::process_health(const string &key, const string &value) { if (value.empty() == false) { diff --git a/src/lbdatafactory.hh b/src/lbdatafactory.hh index 1ba6b58..6d2211c 100644 --- a/src/lbdatafactory.hh 
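Review bot: The configuration node tested in the added `if` is `flush-connections`, but the token written to the file is `flush-conntrack`, and nothing in the added lines connects the two names. A comment above the `print`, for example `# token matched as "flush-conntrack" in LBDataFactory::process`, would help anyone grepping for either spelling. write_health starts and ends outside the hunk.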
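Review bot: The new `process_flushconntrack` in the second hunk of src/lbdatafactory.cc ignores both `key` and `value` and sets `_flush_conntrack` to true unconditionally, and the definition carries no comment saying that this is intended. A one-line comment such as `// the bare "flush-conntrack" line enables the flush; key and value are unused` would make the contract explicit. The flag is initialised to false in the LBData constructor and only ever set here, so it presumably stays set until a fresh LBData is built on re-read; that cannot be confirmed from these hunks.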
+++ b/src/lbdatafactory.hh @@ -44,6 +44,9 @@ private: process_disablesourcenat(const string &key, const string &value); void + process_flushconntrack(const string &key, const string &value); + + void process_health(const string &key, const string &value); void diff --git a/src/lbdecision.cc b/src/lbdecision.cc index 6c22943..70f9a8e 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -246,6 +246,12 @@ LBDecision::run(LBData &lb_data) //then if we do, flush all execute("iptables -t mangle -F PREROUTING", stdout); + //new request, bug 4112. flush conntrack tables if configured + if (lb_data._flush_conntrack == true) { + execute("conntrack -F", stdout); + execute("conntrack -F expect", stdout); + } + //and compute the new set and apply LBData::LBRuleIter iter = lb_data._lb_rule_coll.begin(); while (iter != lb_data._lb_rule_coll.end()) { diff --git a/templates/load-balancing/wan/flush-connections/node.def b/templates/load-balancing/wan/flush-connections/node.def new file mode 100644 index 0000000..8798b0e --- /dev/null +++ b/templates/load-balancing/wan/flush-connections/node.def @@ -0,0 +1 @@ +help: Set to flush connection tracking tables on connection state change. |
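Review bot: The two added `execute("conntrack -F", stdout)` calls in src/lbdecision.cc clear the whole connection-tracking table and the expectation table, so every tracked flow on the router loses its state, including NAT mappings and stateful-firewall entries for traffic that has nothing to do with WAN load balancing. The added comment does not mention this. I would extend it to `//NOTE: flushes every conntrack entry on the system, not only load-balanced flows`, and the help text in node.def would benefit from the same caveat. Nothing in the visible lines checks whether either command succeeded, so a missing conntrack tool would make the option silently do nothing; if execute() returns a status (its definition is not in this hunk), a failure should be logged. LBDecision::run starts and ends outside the hunk, so the condition that guards this flush cannot be confirmed from here.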